CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2018-4876
https://notcve.org/view.php?id=CVE-2018-4876
Adobe Experience Manager versions 6.3, 6.2, and 6.1 are vulnerable to cross-site scripting via a bypass of the Sling XSSAPI#getValidHref function. Las versiones 6.3, 6.2 y 6.1 de Adobe Experience Manager son vulnerables a Cross-Site Scripting (XSS) mediante una omisión de la función Sling XSSAPI#getValidHref. • http://www.securityfocus.com/bid/102990 http://www.securitytracker.com/id/1040365 https://helpx.adobe.com/security/products/experience-manager/apsb18-04.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2017-11296
https://notcve.org/view.php?id=CVE-2017-11296
An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0. A cross-site scripting vulnerability in Apache Sling Servlets Post 2.3.20 has been resolved in Adobe Experience Manager. Se ha descubierto un problema en Adobe Experience Manager 6.3, 6.2, 6.1 y 6.0. Se ha resuelto una vulnerabilidad de Cross-Site Scripting en Apache Sling Servlets Post 2.3.20 en Adobe Experience Manager. • http://www.securityfocus.com/bid/101844 http://www.securitytracker.com/id/1039800 https://helpx.adobe.com/security/products/experience-manager/apsb17-41.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2017-3109
https://notcve.org/view.php?id=CVE-2017-3109
An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0. Adobe Experience Manager has a reflected cross-site scripting vulnerability in the HtmlRendererServlet. Se ha descubierto un problema en Adobe Experience Manager 6.3, 6.2, 6.1 y 6.0. Adobe Experience Manager tiene una vulnerabilidad de Cross-Site Scripting reflejado en HtmlRendererServlet. • http://www.securityfocus.com/bid/101834 http://www.securitytracker.com/id/1039800 https://helpx.adobe.com/security/products/experience-manager/apsb17-41.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-3107
https://notcve.org/view.php?id=CVE-2017-3107
Adobe Experience Manager 6.3 and earlier has a misconfiguration vulnerability. Adobe Experience Manager 6.3 y anteriores tiene una vulnerabilidad de error de configuración. • http://www.securityfocus.com/bid/100188 http://www.securitytracker.com/id/1039099 https://helpx.adobe.com/security/products/experience-manager/apsb17-26.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •